Vulnerabilities exist in software and are a key threat, because attackers leverage exploit techniques against them to deliver attacks successfully. In real advanced persistent attacks, unknown vulnerabilities and exploits are frequently used to bypass existing security solutions. Return Oriented Programming (ROP) is one exploit technique used to bypass data execution prevention. Just-in-time (JIT) spraying is another example of how exploit techniques can bypass existing defense solutions.
Often, malicious code first triggers a vulnerability and then causes an unexpected control flow transfer. Exploit mitigation solutions, including host intrusion prevention systems, have existed for many years. Most of them focus on in-exploit or post-exploit detection because there is no effective way to catch the first trigger point without hardware assistance. Once an exploit targets the correct trigger point, it can bypass existing protection solutions.